ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Opinions: Ansible vs. SaltStack

    Scheduled Pinned Locked Moved IT Discussion
    devopsansiblesaltautomationsaltstack
    88 Posts 17 Posters 12.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @AdamF
      last edited by

      @AdamF said in Opinions: Ansible vs. SaltStack:

      What's the current opinion on agent vs agentless?

      Depends. Are you LAN-based, then agentless is nice. Pretty much anything else, agents are essentially the only option.

      AdamFA 1 Reply Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller @travisdh1
        last edited by

        @travisdh1 said in Opinions: Ansible vs. SaltStack:

        @AdamF said in Opinions: Ansible vs. SaltStack:

        What's the current opinion on agent vs agentless?

        6 of 1, half dozen of another. If an agent is required, just build it into your base image or installation script.

        Not quite. It's still "more work to deploy" for one, and "more secure" for the other.

        1 Reply Last reply Reply Quote 0
        • AdamFA
          AdamF @scottalanmiller
          last edited by

          @scottalanmiller said in Opinions: Ansible vs. SaltStack:

          @AdamF said in Opinions: Ansible vs. SaltStack:

          What's the current opinion on agent vs agentless?

          Depends. Are you LAN-based, then agentless is nice. Pretty much anything else, agents are essentially the only option.

          Can you further clarify this statement? Why are agents the only option in a lanless (distributed) environment?

          M scottalanmillerS 2 Replies Last reply Reply Quote 0
          • M
            marcinozga @AdamF
            last edited by

            @AdamF said in Opinions: Ansible vs. SaltStack:

            @scottalanmiller said in Opinions: Ansible vs. SaltStack:

            @AdamF said in Opinions: Ansible vs. SaltStack:

            What's the current opinion on agent vs agentless?

            Depends. Are you LAN-based, then agentless is nice. Pretty much anything else, agents are essentially the only option.

            Can you further clarify this statement? Why are agents the only option in a lanless (distributed) environment?

            Agentless is push model. How do you plan on pushing desired state to clients that have unpredictable connections? Agents can pull, regardless of where the endpoints are.

            scottalanmillerS 1 Reply Last reply Reply Quote 1
            • scottalanmillerS
              scottalanmiller @marcinozga
              last edited by

              @marcinozga said in Opinions: Ansible vs. SaltStack:

              @AdamF said in Opinions: Ansible vs. SaltStack:

              @scottalanmiller said in Opinions: Ansible vs. SaltStack:

              @AdamF said in Opinions: Ansible vs. SaltStack:

              What's the current opinion on agent vs agentless?

              Depends. Are you LAN-based, then agentless is nice. Pretty much anything else, agents are essentially the only option.

              Can you further clarify this statement? Why are agents the only option in a lanless (distributed) environment?

              Agentless is push model. How do you plan on pushing desired state to clients that have unpredictable connections? Agents can pull, regardless of where the endpoints are.

              Exactly.

              1 Reply Last reply Reply Quote 2
              • scottalanmillerS
                scottalanmiller @AdamF
                last edited by

                @AdamF said in Opinions: Ansible vs. SaltStack:

                @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                @AdamF said in Opinions: Ansible vs. SaltStack:

                What's the current opinion on agent vs agentless?

                Depends. Are you LAN-based, then agentless is nice. Pretty much anything else, agents are essentially the only option.

                Can you further clarify this statement? Why are agents the only option in a lanless (distributed) environment?

                The laptop in the hotel is always the ultimate example. You have an unknown device IP, behind a NAT firewall that you do not control. There is no way for any agentless model to work, it's impossible. This is why universal system management is and always will be agent based. Agents don't require to you know where, or expose systems in order to manage them. This doesn't mean agents are better, it's just the one aspect where it's black and white that agents work the same as on a LAN, and agentless doesn't work at all.

                The problem for most companies, is that essentially every company has some number of workloads like this and once you have one, you can only use agentless when you are willing to not manage everything, just some things. Agent based is essentially the only way to use one tool for all workloads.

                That's why all RMM, for example, uses agents. There's no such thing as an RMM without them.

                AdamFA 1 Reply Last reply Reply Quote 3
                • stacksofplatesS
                  stacksofplates @AdamF
                  last edited by

                  @AdamF said in Opinions: Ansible vs. SaltStack:

                  So this is now a super old post, but still relevant. I have been using Saltstack to manage my servers. I don't have any downsides to this so far, but I like to re-evaluate every so often. I see that Ansible open sourced (a couple years ago) their Tower GUI (AWX) That's attractive to me.

                  What are the current opinions on server management in regards to Ansible vs Saltstack.

                  I believe AWX is much better these days. I still don't like it as much as just using Jenkins. Jenkins gives you a ton of flexibility while still giving you an interface to take inputs or run jobs.

                  1 Reply Last reply Reply Quote 0
                  • AdamFA
                    AdamF @scottalanmiller
                    last edited by

                    @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                    essentially every company has some number of workloads like this and once you have one, you can only use agentless when you are willing to not manage everything, just some things. Agent based is essentially the only way to use one tool for all

                    That's understandable. So what about if you are not managing workstations, and you would only use this to manage server workloads in various data centers? Would your same thinking still apply?

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @AdamF
                      last edited by

                      @AdamF said in Opinions: Ansible vs. SaltStack:

                      @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                      essentially every company has some number of workloads like this and once you have one, you can only use agentless when you are willing to not manage everything, just some things. Agent based is essentially the only way to use one tool for all

                      That's understandable. So what about if you are not managing workstations, and you would only use this to manage server workloads in various data centers? Would your same thinking still apply?

                      Depends, is every server open to the Internet and/or on a LAN that you have access to? Mine are not, I have a lot of servers that are like databases and are not accessible from the outside whatsoever. Salt works great and they are super secure. I can do loads of port forwarding and whatnot for Ansible and make it work as their IPs don't change, but it's a huge pain.

                      And what if you use any kind of scaling, combined with that kind of security, now you have to automate port forwarding and firewall rules, combined with the VMs, in real time, or you get management errors with the wrong stuff going to the wrong server.

                      Agents are just so much better IMHO in the real world. Not that that one factor means everything, but all other things being equal, I always want the agent.

                      AdamFA 2 Replies Last reply Reply Quote 1
                      • AdamFA
                        AdamF @scottalanmiller
                        last edited by

                        @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                        @AdamF said in Opinions: Ansible vs. SaltStack:

                        @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                        essentially every company has some number of workloads like this and once you have one, you can only use agentless when you are willing to not manage everything, just some things. Agent based is essentially the only way to use one tool for all

                        That's understandable. So what about if you are not managing workstations, and you would only use this to manage server workloads in various data centers? Would your same thinking still apply?

                        Depends, is every server open to the Internet and/or on a LAN that you have access to? Mine are not, I have a lot of servers that are like databases and are not accessible from the outside whatsoever. Salt works great and they are super secure. I can do loads of port forwarding and whatnot for Ansible and make it work as their IPs don't change, but it's a huge pain.

                        And what if you use any kind of scaling, combined with that kind of security, now you have to automate port forwarding and firewall rules, combined with the VMs, in real time, or you get management errors with the wrong stuff going to the wrong server.

                        Agents are just so much better IMHO in the real world. Not that that one factor means everything, but all other things being equal, I always want the agent.

                        That's fair. With Salt, on your salt master, do you rely on the keys for authentication, or do you also lock down your firewall to only allow ports 4505:4506 FROM your minion IPs?

                        1 Reply Last reply Reply Quote 0
                        • AdamFA
                          AdamF @scottalanmiller
                          last edited by

                          @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                          @AdamF said in Opinions: Ansible vs. SaltStack:

                          @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                          essentially every company has some number of workloads like this and once you have one, you can only use agentless when you are willing to not manage everything, just some things. Agent based is essentially the only way to use one tool for all

                          That's understandable. So what about if you are not managing workstations, and you would only use this to manage server workloads in various data centers? Would your same thinking still apply?

                          Depends, is every server open to the Internet and/or on a LAN that you have access to? Mine are not, I have a lot of servers that are like databases and are not accessible from the outside whatsoever. Salt works great and they are super secure. I can do loads of port forwarding and whatnot for Ansible and make it work as their IPs don't change, but it's a huge pain.

                          And what if you use any kind of scaling, combined with that kind of security, now you have to automate port forwarding and firewall rules, combined with the VMs, in real time, or you get management errors with the wrong stuff going to the wrong server.

                          Agents are just so much better IMHO in the real world. Not that that one factor means everything, but all other things being equal, I always want the agent.

                          Also, is the new Salt Gui that you are talking about open source?

                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @AdamF
                            last edited by

                            @AdamF said in Opinions: Ansible vs. SaltStack:

                            Also, is the new Salt Gui that you are talking about open source?

                            Yes

                            AdamFA 1 Reply Last reply Reply Quote 0
                            • AdamFA
                              AdamF @scottalanmiller
                              last edited by

                              @scottalanmiller

                              What is it called?

                              scottalanmillerS 1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller @AdamF
                                last edited by

                                @AdamF said in Opinions: Ansible vs. SaltStack:

                                @scottalanmiller

                                What is it called?

                                I have no memory of it, lol, but there's a thread around here about it. It's focused as an RMM, but Salt under the hood. Very cool idea. It's a lot of where SodiumSuite was going.

                                RomoR travisdh1T 2 Replies Last reply Reply Quote 0
                                • RomoR
                                  Romo @scottalanmiller
                                  last edited by Romo

                                  @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                                  @AdamF said in Opinions: Ansible vs. SaltStack:

                                  @scottalanmiller

                                  What is it called?

                                  I have no memory of it, lol, but there's a thread around here about it. It's focused as an RMM, but Salt under the hood. Very cool idea. It's a lot of where SodiumSuite was going.

                                  Tactical RMM - Targetted as an RMM for Windows, includes Mesh Central, saltstack, a custom python agent, Django backend, Vue frontend.

                                  UYUNI - OpenSuse Leap 15.2 based, but manages SUSE Linux Enterprise, openSUSE, Red Hat Enterprise Linux, CentOS, Oracle Linux and Ubuntu client systems. This is since 2018 the upstream project for SUSE Manager.

                                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                                  • travisdh1T
                                    travisdh1 @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                                    @AdamF said in Opinions: Ansible vs. SaltStack:

                                    @scottalanmiller

                                    What is it called?

                                    I have no memory of it, lol, but there's a thread around here about it. It's focused as an RMM, but Salt under the hood. Very cool idea. It's a lot of where SodiumSuite was going.

                                    There seem to be a bunch, in addition to the official paid-for thing they have now, and what @Romo listed.

                                    https://github.com/erwindon/SaltGUI
                                    https://speakerdeck.com/lothiraldan/saltpad-a-saltstack-web-gui

                                    1 Reply Last reply Reply Quote 0
                                    • AdamFA
                                      AdamF
                                      last edited by

                                      Whoa! VM Ware just acquired Saltstack. https://blogs.vmware.com/management/2020/10/vmware-completes-saltstack-acquisition-to-bolster-software-configuration-management-and-infrastructure-automation.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-completes-saltstack-acquisition-to-bolster-software-configuration-management-and-infrastructure-automation

                                      I wonder what that means moving forward....

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @AdamF
                                        last edited by

                                        @AdamF said in Opinions: Ansible vs. SaltStack:

                                        Whoa! VM Ware just acquired Saltstack. https://blogs.vmware.com/management/2020/10/vmware-completes-saltstack-acquisition-to-bolster-software-configuration-management-and-infrastructure-automation.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-completes-saltstack-acquisition-to-bolster-software-configuration-management-and-infrastructure-automation

                                        I wonder what that means moving forward....

                                        That was over a week ago, lol.

                                        AdamFA 1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @Romo
                                          last edited by

                                          @Romo said in Opinions: Ansible vs. SaltStack:

                                          Tactical RMM - Targetted as an RMM for Windows, includes Mesh Central, saltstack, a custom python agent, Django backend, Vue frontend.

                                          That's the one that I was thinking of.

                                          1 Reply Last reply Reply Quote 0
                                          • AdamFA
                                            AdamF @scottalanmiller
                                            last edited by

                                            @scottalanmiller said in Opinions: Ansible vs. SaltStack:

                                            @AdamF said in Opinions: Ansible vs. SaltStack:

                                            Whoa! VM Ware just acquired Saltstack. https://blogs.vmware.com/management/2020/10/vmware-completes-saltstack-acquisition-to-bolster-software-configuration-management-and-infrastructure-automation.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-completes-saltstack-acquisition-to-bolster-software-configuration-management-and-infrastructure-automation

                                            I wonder what that means moving forward....

                                            That was over a week ago, lol.

                                            Ha! Just saw it this AM. Does this give you any concern with the future of the open source version of Salt?

                                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 3 / 5
                                            • First post
                                              Last post